FPGA hardware security in the cloud

Demonstrator for FPGA-based solutions

 
Computer Science
Jan 23, 2019

Project description

FPGAs in the cloud

Since 2017, Amazon has been offering so-called EC2 F1 instances in its AWS Cloud, which are equipped with powerful field programmable gate arrays (FPGAs). Virtual machines with developer tools are also made available.

Hardware acceleration of Suricata

Nowadays, every server is exposed to a variety of threats from inside and outside. Suricata is an open source solution for intrusion detection (IDS) and intrusion prevention (IPS). It analyses all network traffic using self-created rules and signatures and blocks it if necessary.

However, above a certain bandwidth, Suricata reaches its limits: the software is no longer able to scan all network packets in real time. This is where the project comes in: critical parts of the software are offloaded to the specialised hardware of the FPGA. This enables higher bandwidths and deeper packet analysis.

Main components

The aim of the project is to develop a demonstrator to show the speed and cost benefits of an FPGA-based solution.

The main tasks include:

  • Configuration of development environment and F1 instance in the AWS Cloud.
  • Generation of realistic traffic at high bandwidth.
  • Implementation of a pre-filter on the FPGA to exclude "benign" traffic from being analysed by Suricata.
  • High-level synthesis of a RegEx engine on the FPGA to speed up the search.
  • Creation of an interface between software and FPGA.
  • Analysis and graphical evaluation of Suricata logfiles.

Involved persons

Supervisor: Prof. Dr.-Ing. Dominik Merli

Students: 7

The team
HardwareSecurity